freescout-help-desk / freescout

FreeScout — Free self-hosted help desk & shared mailbox (Zendesk / Help Scout alternative)
https://freescout.net
GNU Affero General Public License v3.0

LDAP Imports no users #4034

Closed k1rb closed 1 month ago

k1rb commented 1 month ago

- PHP version: 8.2.19
- FreeScout version: 1.8.122
- Database: MySQL
- Are you using CloudFlare: No
- Are you using non-official modules: No

We recently added the LDAP module; it's connected and fetches attributes. The filter works; we use it for other applications and I've verified that it works via Get-ADUser -LDAPFilter.

We have gotten one user to sync in testing. I think the issue is that the module uses the value of "Bind DN" to build the DN of the bind user as well as for the search base. We want to use DC=domain,DC=tld as the search base but the bind user is in CN=bind-ro,CN=users,DC=domain,DC=tld.

When I attempt to sync from the GUI there are no errors but there are no imports. The one time we did get it to work one of the users was in the same DN as the bind user.

Unfortunately we cannot put the bind user at the root of the directory or where I would like to specify the search base and we cannot move all users that we want to import into the DN where the bind user is.

Thank you for your help.
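An added example (not part of the original post and not FreeScout's code) that models LDAP subtree scope to show the symptom k1rb describes: if the search base is the container that holds the bind account, only entries under that container come back. The DNs are constructed sample data modelled on the post, the helper names are hypothetical, and case-insensitive DN comparison is an assumption.

```python
# Added illustration; all DNs below are constructed sample data.

def split_dn(dn):
    """Split a DN into normalised (attr, value) RDNs, honouring backslash escapes."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)          # escaped character is part of the value
            escaped = False
        elif ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == ",":             # unescaped comma ends the current RDN
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    rdns = []
    for part in parts:
        attr, _, value = part.strip().partition("=")
        # Assumption: attribute types and values compare case-insensitively.
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns


def in_subtree(entry_dn, base_dn):
    """True if entry_dn is base_dn itself or lies below it (subtree scope)."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base


def search(entries, base_dn):
    """Return the entries a subtree search rooted at base_dn could see."""
    return [dn for dn in entries if in_subtree(dn, base_dn)]


BIND_USER = "CN=bind-ro,CN=users,DC=domain,DC=tld"
ENTRIES = [
    "CN=alice,CN=users,DC=domain,DC=tld",
    "CN=bob,OU=My Org,DC=domain,DC=tld",
    r"CN=Doe\, Jane,OU=My Org,dc=domain,dc=tld",
]
BIND_CONTAINER = BIND_USER.split(",", 1)[1]   # CN=users,DC=domain,DC=tld
DIRECTORY_ROOT = "DC=domain,DC=tld"

if __name__ == "__main__":
    print("base = bind container:", search(ENTRIES, BIND_CONTAINER))
    print("base = directory root:", search(ENTRIES, DIRECTORY_ROOT))
```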

freescout-helpdesk commented 1 month ago

Use:

[Screenshot: 2024-05-23_15-12-40]

lngrmn commented 3 weeks ago

@freescout-helpdesk I'm experiencing the exact same problem: My LDAP-Server is definitely working and I can clearly see my requests in its debug logs. Even my self-configured ldap-filter works, so that only a distinct amount of users gets returned. However, FreeScout keeps telling me that it can't find any users when I click on "Import now".

Could you please provide some help or fix for this? This is my configuration:

- Bind DN: ou=users,o=ckh
- Bind Username: root
- Filter: [Screenshot: CleanShot 2024-06-12 at 21 29 29@2x]

freescout-helpdesk commented 3 weeks ago

In LDAP Module v1.0.37 we've added LDAP Debug log to the "Import" dialog window.

Maybe it will help to identify the issue. If not - the only way is to debug it manually on your server: https://github.com/freescout-helpdesk/freescout/wiki/Debugging

[Screenshot: 2024-06-13_10-31-56]

lngrmn commented 3 weeks ago

@freescout-helpdesk thanks for the update. This output helps a lot! But I still can't import any users even though 3 users are found:

[Screenshot: CleanShot 2024-06-13 at 10 09 07@2x]

What am I doing wrong?

freescout-helpdesk commented 3 weeks ago

It means for those users some information is missing (email or name, etc)

freescout-helpdesk commented 3 weeks ago

Try to change line 241 in /Modules/Ldap/Overrides/Adldap/Connections/Ldap.php:

        if ($debug || 1) {

And you will see requests which LDAP Module makes to retrieve each user. Apparently for some reason it can not retrieve those users from your LDAP.

lngrmn commented 3 weeks ago

@freescout-helpdesk Thanks for your quick responses. Our LDAP-Service is behind a VPN.

Information for at least one user is provided correctly and I'm pretty sure that this applies to the other users as well since this is working in other applications for a good amount of time. Please have a look at the attributes given:

[Screenshot: CleanShot 2024-06-13 at 11 10 05@2x]

I tried changing the line you've mentioned in the module's PHP code. But I can't find any additional information. Neither in the ldap and app logs nor in the dialog that gets displayed after clicking on "Import now". Where do these get stored/displayed?

k1rb commented 3 weeks ago

Not sure if it will be helpful at this point but, after @freescout-helpdesk replied to my last post, I was able to get this working with this filter:

dc=domain,dc=tld(&(objectClass=person)(objectcategory=person)(memberOf=CN=freescout-users,OU=My Org,DC=domain,DC=tld))

Thanks @freescout-helpdesk

lngrmn commented 3 weeks ago

Thanks @k1rb! Unfortunately changing the filter options led nowhere and I'm still unable to debug this topic properly... @freescout-helpdesk-team you posted this the other day:

> And you will see requests which LDAP Module makes to retrieve each user. Apparently for some reason it can not retrieve those users from your LDAP.

Where am I able to see the requests and responses being made? I can't find anything about that in the laravel-log or elsewhere. My LDAP-Server is clearly working with a bunch of other applications and the output above shows that even FreeScout is able to find some users with the options and filters I applied. Could you please provide some more information about where I can inspect the responses? This is the LDAP server I am using: https://github.com/milux/ctldap

freescout-help commented 2 weeks ago

@lngrmn We can take a look at it on your server - email us at support@freescout.net or you can find someone who can debug it for you: https://github.com/freescout-help-desk/freescout/wiki/Debugging